(Page 4 of 17)   < Prev  1 2 3 4 5 6 7 8 9 10 11  Next >

Category: Auditing » Host

Linux Security Auditing Tool
Added 2004-01-11
by Triode
Linux Security Auditing Tool (LSAT) is a post install security auditing tool. It is modular in design, so new features can be added quickly. It checks inetd entries and scans for unneeded RPM packages. It is being expanded to work with Linux distributions other than Red Hat, and checks for kernel versions.

Local Area Security Linux
Added 2003-11-19
by Jascha
Local Area Security has released the 0.4 MAIN of their 'live CD' security toolkit which fits on a 185MB miniCD. With full Fluxbox desktop and over 250 security related tools encompassing pen testing, forensics, administration, monitoring, etc. Many additions and fixes have been made since the beta version. Along with the addition of the 'toram' boot option which allows it to be run entirely from RAM.

Added 2003-10-22
by Matthias Cramer, cramer@freestone.net
PingScan scans networks via ping for reachable hosts. It does DNS lookup and checks for correct forward/reverse entries. You can enter network adressess in CDIR notation or give start and end adresses.

Added 2003-10-22
by Peter Eriksson, pen@lysator.liu.se
Pidentd v3 is a much improved version of the original Ident daemon both in terms of speed, code quality and features. Features include multithreading, a "configure" script, startup autodetection, much clearer/rewritten C code, doesn't run as root after startup, has a configuration file and can be started from /etc/inittab (on systems using a SysV init).

Saint Jude, Linux Kernel Module
Added 2003-09-23
by Tim Lawless
Saint Jude LKM is a Linux Kernel Module for the 2.2.0 and 2.4.0 series of kernels. This module implements the Saint Jude model for improper privilege transitions. This will permit the discovery of local and remote root exploits during the exploit itself. Once discovered, Saint Jude will terminate the execution, preventing the root exploit from occurring. This is done without checking for attack signatures of known exploits, and thus should work for both known and unknown exploits.

Added 2003-08-12
by Ben Collins
sXid is an all in one suid/sgid monitoring program designed to be run from cron on a regular basis. Basically it tracks any changes in your s[ug]id files and folders. If there are any new ones, ones that aren't set any more, or they have changed bits or other modes then it reports the changes in an easy to read format via email or on the command line.

Data Thief
Added 2003-05-07
by Application Security, Inc
Data Thief is a ?proof-on-concept? tool used to demonstrate to web administrators and developers how easy it is to steal data from a web application that is vulnerable to SQL Injection. Data Thief is designed to retrieve the data from a Microsoft SQL Server back-end behind a web application with a SQL Injection vulnerability. Once a SQL Injection vulnerability is identified, Data Thief does all the work of listing the linked severs, laying out the database schema, and actually selecting the data from a table in the application.

Added 2002-07-19
by Arne Vidstrom
This is a very useful tool that lists the current processes in your Windows system and which ports they listen on. It is written to work on Windows NT and Windows 9x. There have been some stability problems on Windows 9x, but they seem to have been solved now. On Windows NT, inzider is unable to check processes that are started as services.

Apache Chunked Scanner
Added 2002-06-21
by eEye Digital Security
The Retina Apache Chunked Scanner is a tool created by eEye that is able to scan up to 254 IP addresses at once and determine if any are vulnerable to the recent Apache Chunked Encoding overflow. If an IP address is found to be vulnerable to the Apache Chunked Encoding attack, then the Retina Apache Chunked Scanner will flag the IP address. Administrators can then double-click on the IP address to be taken to a website with information on how to fix the vulnerability.

Added 2002-05-26
by Bruce Buhler and Wayne Larmon
IPWatch will reconfigure your machine after an IP change by reinitializing the hostname, restarting the system logging facilities to use the new hostname, restarting your firewall, and updating your dynamic hostname (it supports yi.org, homepc.org, justlinux.com, dhs.org, dyndns.org, and dyndns.com). It will also restart your network if your machine loses connectivity. In both cases, email is sent with a full log of everything that's been done (including your new IP address).

Search Tools
Browse by category
Log Analysis, Host, Passwords, Network, File Integrity, PSTN, Forensics, Backdoors, Source Code
Passwords, Filesystem, Network, System, Compiler, Log Management, Usage Monitoring, Email
One Time Passwords, User Authentication, Password Management, Web, Server, Certificates, Tokens
Intrusion Detection
Network, Host, Web, Evasion
Access Control
Network, Firewall, user privileges, RPC, Bootup, File System, Applications, Mandatory Access Control, Server, X-Windows, ACLs, Privileges
Libraries, Applications
Libraries, Random Numbers, Traffic Encryption, Data Encryption, Cryptoanalysis, Steganography, E-mail
Network Monitoring
Policy Enforcement
Web Access, Email
System Security Management
Accounts, Console, Windows NT, Firewall, Configuration, Filesystem, Linux, Solaris, Monitoring
Network Utilities
Tunneling, Miscellaneous, Monitoring
Secure Deletion
Linux, FreeBSD, NT, Solaris
Hostile Code
Detection, Removal, Sandbox


Privacy Statement
Copyright 2010, SecurityFocus